SUSE-SU-2024:1321-1
Description
Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725).
- CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920).
- CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929).
- CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445).
- CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022).
- CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
- CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938).
- CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251).
- CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898).
- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
- CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843).
- CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
- CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940).
- CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015).
- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
- CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320).
- CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921).
- CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514).
- CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836).
- CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885).
- CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839).
- CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055).
- CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012).
- CVE-2023-52525: Fixed out of bounds check in mwifiex_process_rx_packet() (bsc#1220840).
- CVE-2023-52504: Fixed possible out-of-bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553).
- CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).
- CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366).
- CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989).
- CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990).
- CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-acpi (bsc#1220478).
- CVE-2021-47096: Fixed uninitialized user_pversion in ALSA rawmidi (bsc#1220981).
- CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).
- CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982).
- CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551).
- CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965).
- CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
- CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986).
- CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983).
- CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
- CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
- CVE-2021-47091: Fixed locking in ieee80211_start_ap() error path (bsc#1220959).
- CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
- CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009).
- CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466).
- CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443).
- CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978).
- CVE-2022-20154: Fixed a use after free due to a race condition in lock_sock_nested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599).
- CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482).
- CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
- CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635).
- CVE-2021-47082: Fixed double free in tun_free_netdev() (bsc#1220969).
- CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
- CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
- CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955).
- CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276).
- CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237).
- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).
- CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878).
- CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790).
- CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
- CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411).
- CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872).
- CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340).
- CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879).
- CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039).
- CVE-2023-52569: Fixed a bug in btrfs by removing BUG() after failure to insert delayed dir index item (bsc#1220918).
- CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831).
- CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
- CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
- CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926).
- CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961).
- CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
- CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486).

The following non-security bugs were fixed:

- doc/README.SUSE: Update information about module support status (jsc#PED-5759)
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
Affected Systems
- opensuse•kernel-default-base&distro=openSUSE Leap Micro 5.3
< 5.14.21-150400.24.116.1.150400.24.54.5
- opensuse•kernel-default-base&distro=openSUSE Leap Micro 5.4
< 5.14.21-150400.24.116.1.150400.24.54.5
- opensuse•kernel-default&distro=openSUSE Leap Micro 5.3
< 5.14.21-150400.24.116.1
- opensuse•kernel-default&distro=openSUSE Leap Micro 5.4
< 5.14.21-150400.24.116.1
- suse•kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.116.1
- suse•kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.116.1
- suse•kernel-64kb&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.116.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.116.1.150400.24.54.5
- suse•kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.116.1.150400.24.54.5
- suse•kernel-default-base&distro=SUSE Linux Enterprise Micro 5.3
< 5.14.21-150400.24.116.1.150400.24.54.5
- suse•kernel-default-base&distro=SUSE Linux Enterprise Micro 5.4
< 5.14.21-150400.24.116.1.150400.24.54.5
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.116.1.150400.24.54.5
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
< 5.14.21-150400.24.116.1.150400.24.54.5
- suse•kernel-default-base&distro=SUSE Manager Proxy 4.3
< 5.14.21-150400.24.116.1.150400.24.54.5
- suse•kernel-default-base&distro=SUSE Manager Server 4.3
< 5.14.21-150400.24.116.1.150400.24.54.5
- suse•kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP4
< 5.14.21-150400.24.116.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.116.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.116.1
- suse•kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP4
< 5.14.21-150400.24.116.1
- suse•kernel-default&distro=SUSE Linux Enterprise Micro 5.3
< 5.14.21-150400.24.116.1
- suse•kernel-default&distro=SUSE Linux Enterprise Micro 5.4
< 5.14.21-150400.24.116.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.116.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
< 5.14.21-150400.24.116.1
- suse•kernel-default&distro=SUSE Manager Proxy 4.3
< 5.14.21-150400.24.116.1
- suse•kernel-default&distro=SUSE Manager Server 4.3
< 5.14.21-150400.24.116.1
- suse•kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.116.1
- suse•kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.116.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.116.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
< 5.14.21-150400.24.116.1
- suse•kernel-livepatch-SLE15-SP4_Update_25&distro=SUSE Linux Enterprise Live Patching 15 SP4
< 1-150400.9.5.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.116.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.116.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.116.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
< 5.14.21-150400.24.116.1
- suse•kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.116.1
- suse•kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.116.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.116.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
< 5.14.21-150400.24.116.1
- suse•kernel-source&distro=SUSE Manager Proxy 4.3
< 5.14.21-150400.24.116.1
- suse•kernel-source&distro=SUSE Manager Server 4.3
< 5.14.21-150400.24.116.1
- suse•kernel-syms&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.116.1
- suse•kernel-syms&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.116.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.116.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
< 5.14.21-150400.24.116.1
- suse•kernel-syms&distro=SUSE Manager Proxy 4.3
< 5.14.21-150400.24.116.1
- suse•kernel-syms&distro=SUSE Manager Server 4.3
< 5.14.21-150400.24.116.1
- suse•kernel-zfcpdump&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.116.1
- suse•kernel-zfcpdump&distro=SUSE Manager Server 4.3
< 5.14.21-150400.24.116.1
References (157)
- https://www.suse.com/support/update/announcement/2024/suse-su-20241321-1/
- https://bugzilla.suse.com/1200599
- https://bugzilla.suse.com/1209635
- https://bugzilla.suse.com/1212514
- https://bugzilla.suse.com/1213456
- https://bugzilla.suse.com/1217987
- https://bugzilla.suse.com/1217988
- https://bugzilla.suse.com/1217989
- https://bugzilla.suse.com/1220237
- https://bugzilla.suse.com/1220251
- https://bugzilla.suse.com/1220320
- https://bugzilla.suse.com/1220340
- https://bugzilla.suse.com/1220366
- https://bugzilla.suse.com/1220411
- https://bugzilla.suse.com/1220413
- https://bugzilla.suse.com/1220439
- https://bugzilla.suse.com/1220443
- https://bugzilla.suse.com/1220445
- https://bugzilla.suse.com/1220466
- https://bugzilla.suse.com/1220478
- https://bugzilla.suse.com/1220482
- https://bugzilla.suse.com/1220484
- https://bugzilla.suse.com/1220486
- https://bugzilla.suse.com/1220487
- https://bugzilla.suse.com/1220790
- https://bugzilla.suse.com/1220831
- https://bugzilla.suse.com/1220833
- https://bugzilla.suse.com/1220836
- https://bugzilla.suse.com/1220839
- https://bugzilla.suse.com/1220840
- https://bugzilla.suse.com/1220843
- https://bugzilla.suse.com/1220870
- https://bugzilla.suse.com/1220871
- https://bugzilla.suse.com/1220872
- https://bugzilla.suse.com/1220878
- https://bugzilla.suse.com/1220879
- https://bugzilla.suse.com/1220885
- https://bugzilla.suse.com/1220898
- https://bugzilla.suse.com/1220918
- https://bugzilla.suse.com/1220920
- https://bugzilla.suse.com/1220921
- https://bugzilla.suse.com/1220926
- https://bugzilla.suse.com/1220927
- https://bugzilla.suse.com/1220929
- https://bugzilla.suse.com/1220932
- https://bugzilla.suse.com/1220938
- https://bugzilla.suse.com/1220940
- https://bugzilla.suse.com/1220954
- https://bugzilla.suse.com/1220955
- https://bugzilla.suse.com/1220959
- https://bugzilla.suse.com/1220960
- https://bugzilla.suse.com/1220961
- https://bugzilla.suse.com/1220965
- https://bugzilla.suse.com/1220969
- https://bugzilla.suse.com/1220978
- https://bugzilla.suse.com/1220979
- https://bugzilla.suse.com/1220981
- https://bugzilla.suse.com/1220982
- https://bugzilla.suse.com/1220983
- https://bugzilla.suse.com/1220985
- https://bugzilla.suse.com/1220986
- https://bugzilla.suse.com/1220987
- https://bugzilla.suse.com/1220989
- https://bugzilla.suse.com/1220990
- https://bugzilla.suse.com/1221009
- https://bugzilla.suse.com/1221012
- https://bugzilla.suse.com/1221015
- https://bugzilla.suse.com/1221022
- https://bugzilla.suse.com/1221039
- https://bugzilla.suse.com/1221040
- https://bugzilla.suse.com/1221048
- https://bugzilla.suse.com/1221055
- https://bugzilla.suse.com/1221058
- https://bugzilla.suse.com/1221077
- https://bugzilla.suse.com/1221276
- https://bugzilla.suse.com/1221551
- https://bugzilla.suse.com/1221553
- https://bugzilla.suse.com/1221725
- https://bugzilla.suse.com/1222073
- https://bugzilla.suse.com/1222619
- https://www.suse.com/security/cve/CVE-2021-46925
- https://www.suse.com/security/cve/CVE-2021-46926
- https://www.suse.com/security/cve/CVE-2021-46927
- https://www.suse.com/security/cve/CVE-2021-46929
- https://www.suse.com/security/cve/CVE-2021-46930
- https://www.suse.com/security/cve/CVE-2021-46931
- https://www.suse.com/security/cve/CVE-2021-46933
- https://www.suse.com/security/cve/CVE-2021-46936
- https://www.suse.com/security/cve/CVE-2021-47082
- https://www.suse.com/security/cve/CVE-2021-47087
- https://www.suse.com/security/cve/CVE-2021-47091
- https://www.suse.com/security/cve/CVE-2021-47093
- https://www.suse.com/security/cve/CVE-2021-47094
- https://www.suse.com/security/cve/CVE-2021-47095
- https://www.suse.com/security/cve/CVE-2021-47096
- https://www.suse.com/security/cve/CVE-2021-47097
- https://www.suse.com/security/cve/CVE-2021-47098
- https://www.suse.com/security/cve/CVE-2021-47099
- https://www.suse.com/security/cve/CVE-2021-47100
- https://www.suse.com/security/cve/CVE-2021-47101
- https://www.suse.com/security/cve/CVE-2021-47102
- https://www.suse.com/security/cve/CVE-2021-47104
- https://www.suse.com/security/cve/CVE-2021-47105
- https://www.suse.com/security/cve/CVE-2021-47107
- https://www.suse.com/security/cve/CVE-2021-47108
- https://www.suse.com/security/cve/CVE-2022-20154
- https://www.suse.com/security/cve/CVE-2022-4744
- https://www.suse.com/security/cve/CVE-2022-48626
- https://www.suse.com/security/cve/CVE-2022-48629
- https://www.suse.com/security/cve/CVE-2022-48630
- https://www.suse.com/security/cve/CVE-2023-28746
- https://www.suse.com/security/cve/CVE-2023-35827
- https://www.suse.com/security/cve/CVE-2023-52447
- https://www.suse.com/security/cve/CVE-2023-52450
- https://www.suse.com/security/cve/CVE-2023-52454
- https://www.suse.com/security/cve/CVE-2023-52469
- https://www.suse.com/security/cve/CVE-2023-52470
- https://www.suse.com/security/cve/CVE-2023-52474
- https://www.suse.com/security/cve/CVE-2023-52477
- https://www.suse.com/security/cve/CVE-2023-52492
- https://www.suse.com/security/cve/CVE-2023-52497
- https://www.suse.com/security/cve/CVE-2023-52501
- https://www.suse.com/security/cve/CVE-2023-52502
- https://www.suse.com/security/cve/CVE-2023-52504
- https://www.suse.com/security/cve/CVE-2023-52507
- https://www.suse.com/security/cve/CVE-2023-52508
- https://www.suse.com/security/cve/CVE-2023-52509
- https://www.suse.com/security/cve/CVE-2023-52510
- https://www.suse.com/security/cve/CVE-2023-52511
- https://www.suse.com/security/cve/CVE-2023-52513
- https://www.suse.com/security/cve/CVE-2023-52515
- https://www.suse.com/security/cve/CVE-2023-52517
- https://www.suse.com/security/cve/CVE-2023-52519
- https://www.suse.com/security/cve/CVE-2023-52520
- https://www.suse.com/security/cve/CVE-2023-52523
- https://www.suse.com/security/cve/CVE-2023-52524
- https://www.suse.com/security/cve/CVE-2023-52525
- https://www.suse.com/security/cve/CVE-2023-52528
- https://www.suse.com/security/cve/CVE-2023-52529
- https://www.suse.com/security/cve/CVE-2023-52532
- https://www.suse.com/security/cve/CVE-2023-52564
- https://www.suse.com/security/cve/CVE-2023-52566
- https://www.suse.com/security/cve/CVE-2023-52567
- https://www.suse.com/security/cve/CVE-2023-52569
- https://www.suse.com/security/cve/CVE-2023-52574
- https://www.suse.com/security/cve/CVE-2023-52575
- https://www.suse.com/security/cve/CVE-2023-52576
- https://www.suse.com/security/cve/CVE-2023-52582
- https://www.suse.com/security/cve/CVE-2023-52583
- https://www.suse.com/security/cve/CVE-2023-52597
- https://www.suse.com/security/cve/CVE-2023-52605
- https://www.suse.com/security/cve/CVE-2023-52621
- https://www.suse.com/security/cve/CVE-2023-6356
- https://www.suse.com/security/cve/CVE-2023-6535
- https://www.suse.com/security/cve/CVE-2023-6536
- https://www.suse.com/security/cve/CVE-2024-25742
- https://www.suse.com/security/cve/CVE-2024-26600